blog-contributions/opsec/anonprotest/index.html
nanoanon 4ebdeb3f96 add tutorial to activate eSIM
update security measures in index.html
update physical opsec documentation for better anonymity
2024-10-10 01:16:24 +05:30

573 lines
25 KiB
HTML

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="A guide on how to remain anonymous during protests">
<meta name="author" content="nanoanon">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>How to remain Anonymous during a protest</title>
<!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
<link href="../../assets/css/xt256.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="../../assets/css/main.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Static navbar -->
<div class="navbar navbar-inverse-anon navbar-static-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand-anon" href="\index.html">The Nihilism Blog</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="/about.html">About</a></li>
<li><a href="/blog.html">Categories</a></li>
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
<li><a href="/contact.html">Contact</a></li>
</ul>
</div><!--/.nav-collapse -->
</div>
</div>
<!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br>
<p><img src="../../assets/img/user.png" width="50px" height="50px">
<ba>nihilist - 00 / 00 / 00</ba>
</p>
<h1>How to remain Anonymous during a protest</h1>
<p>You just turned on your TV and saw that there is a <strong>protest</strong> near the white house
because the government decided that end to end encryption leads to terrorism and are passing a
law to ban it. You feel patriotic and know that it isn't right. <strong>You show up to the
protest without telling anyone</strong> for a few hours and you get back home proud that you
showed your support to the people. However, the police bangs your door and <strong>arrests you
for taking part in the protest</strong>.</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<!-- +++++ Second Post +++++ -->
<div id="anon3">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Phones are tracking devices for Law Enforcement</b></h2>
<br>
<p><strong>Government</strong>, <strong>Internet Service Providers</strong> (ISPs), <strong>Cellular
network providers</strong> can all <strong>find out where you are</strong> with the help of
your device emitting and receiving radio waves. These entities use various methods to track you
down at <strong>any given time</strong>. This is called <strong>Geofencing</strong>.</p>
<br>
<div>
<h3><b>Tower Triangulation</b></h3>
<img src="tower-triangulation.png" class="imgRz">
<p>This is where multiple cellular towers are used to geometrically locate devices connecting or
pinging them by measuring the strength of the connection from each tower.</p>
<p>more towers present around you = more accurate location</p>
<p><strong>Towers even at a distance of 5 miles from you can be used to triangulate your
location precisely.</strong></p>
</div>
<div>
<h3><b>Wifi Triangulation</b></h3>
<img src="wifi-triangulation.png" class="imgRz">
<br><br>
<p>Wifi routers often interact together especially when they're from the same ISP. When your
device recognizes a wifi network nearby (as seen in the wifi details option of your phone)
which also allows them to determine the <strong>signal strength</strong> of each router.</p>
<p>This can be used to geometrically determine your device's location based on how strong the
nearby signals are, <b>even when you're not connected to it.</b></p>
<p><strong>Two routers are enough to track you precisely upto a 6 feet error. You're surrounded
by tens of them.</strong></p>
<p>On Android and Apple devices, wifi can also be used to geofence you with GPS through Google
or Apple Network Location Provider (NLP) service. Making it even easier to geo-locate your
device.</p>
</div>
<div>
<h3><b>GPS/A-GPS</b></h3>
<p>Your phone constantly searches for satellites to connect to Global Positioning System (GPS)
signals.</p>
<p>Both Android and Google devices use Google-SUPL service for gps queries -
[supl.google.com:7275]. This <b>happens even if you do not connect your phone to a WiFi or
Cellular data</b>.</p>
<p>Blocking this service greatly impacts cellular data connectivity and disables location
services on your device.</p>
<p>(A-GPS stands for 'Assisted GPS'. It is when the SUPL GPS service works with the on-device
GPS module to be even efficient in location tracking.)</p>
</div>
<h3><b>TLDR; Unless if your phone is powered off in a faraday bag, wherever it goes, there exists a
permanent record of where a phone has been and that record is known by Law Enforcement
entities.</b></h3>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Prevention - staying Anonymous outdoors.</b></h2> </br> </br>
<p><b>Reminder: Anonymity is when you are amongst a group of people, and you are indistinguishable
from the other members of the group.</b></p>
<p><b>⚠️ Read the entire article before taking any actions or steps as half-knowledge could easily land you in jail.⚠️</b></p>
<hr>
<h3><b>Look the same</b></h3>
<p>To minimize the risk of being identified by police or surveillence devices like CCTV, protestors
including you should adopt a uniform. The best way to do this is implementing the following.</p>
<h4>
<ul>
<li>Wearing all black - (<u>long sleeve tshirts</u>, pants, socks, shoes, <u>gloves</u>,
<u>glasses</u>, and <u>masks</u>.)
</li>
<br>
<li>No jewellery - necklaces, watches, earrings, bracelets, etc.</li>
<br>
<li>Dress up such that you're always ready for a run.</li>
<br>
<li>Do not touch surfaces with your bare hands and leave potential fingerprints.</li>
<br>
<li>Do not carry any weapon, signal jammer, or any such device that might get you in trouble
in the court.</li>
</ul>
</h4>
<hr>
<h3><b>⚠️ Leave your phone ACTIVATED at YOUR home. ⚠️</b></h3><br>
<h4>Taking your phone to the protest, deactivating your phone or trying to mask the location of your phone can be a good reason for Law Enforcement agencies to put you on the suspicion list.</h4>
<br>
<h4>Leaving your phone activated at home leaves no digital trace of you ever being affiliated with the protestors.</h4>
<h4>As we have discussed the various methods that Law Enforcement agencies can track you down precisely, and there isn't much you can do to stop it, leaving your personal mobile phone, smart watch, or any other smart device at home is the best way to stay anonymous in a protest, leaving no proof that you took part in it and <a href="/opsec/encryption/index.html">denying</a> that you ever left your home.</h4>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Second Post +++++ -->
<div id="anon1">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<div>
<h1><b>How to have a phone for anonymous use?</b></h1> </br> </br>
<h4 style="color: rgb(255, 251, 0); box-shadow: 0px 0px 15px 15px rgba(255,0,0,0.9);">WARNING: The safest and simplest way to stay anonymous is to keep your phone at home, as explained above, for deniability, where you can claim that you stayed at home during the protest. </h4> <br><br> <h3 style="color: red;"> ⚠️ Proceed only if you need connectivity for communications while doing anonymous outdoor activities. ⚠️</h3>
<p>WARNING: Best preferred Android ROM is GrapheneOS. If you REALLY NEED a secondary phone and
it is compatible with LineageOS, you can proceed with it, but remember, you WILL NEED to
make changes to the LineageOS firewall (+ block supl.google.com:7275) for it to be even
close to Graphene in terms of security.</p>
<p>WARNING/TIP: If you're proficient with linux and have experience using ubuntu touch, you can
proceed with the same steps of setting up and precautions after you have secured its
firewall.</p>
<h3><b>Preparation - indoors:</b></h3>
<br>
<h4>
<ul>
<li>Use your main pc to flash <a href="../graphene/index.html">grapheneOS</a> on a pixel phone.
Only proceed if you get one. Otherwise, don't use a secondary phone at all.</li>
<br>
<li>Get a decently reviewed <u>Faraday bag</u> on amazon. However its recommended to buy
it physically with cash
or learn how to make Faraday bag <a
href="https://invidious.privacyredirect.com/watch?v=sQ_V9LYfiUg">here</a>, <a
href="https://invidious.privacyredirect.com/watch?v=jfSe-xyQQzg">here</a>, or <a
href="https://invidious.privacyredirect.com/watch?v=PYHvMXAXGE4">here</a>.
<br><br>
WARNING: Make sure to check whether your faraday bag works on not at your
home prior the protest by putting your or someone else's phone inside it with
cellular data and gps/location enabled and trying to call/track it.
</li>
<br>
<li>After you have flashed your pixel with grapheneOS (first step), DO NOT CONNECT TO ANY WIFI OR
CELLULAR NETWORK. Now switch your phone off and immediately put it in a faraday bag,
making sure its completely sealed.
Its is good to cover and disguise the faraday bag as a normal envelope or put it in a bag to
avoid high-level suspicion.
</li>
<br>
<li>Use sites like <a href="https://openwifimap.net"> Openwifimap</a>
<i><u><span style="color: red;">through tor</span></u></i> to pre-scan and find free open WiFi around the protest
to use in a secondary phone and the place where you plan to use active internet (as shown later).<br><br>
<u>[WARNING: Do this only if you <strong>NEED</strong> to use secondary phone for the protest].</li></u>
<br>
<li style="color: red;">⚠️ Use a Faraday bag at all times to store your secondary phone when you don't
<u><strong>need</strong></u> to use it. ⚠️
</li>
<br>
</ul>
Next steps (a) & (b) are for accessing internet anonymously ONLY AFTER you have completed
the above steps.
<br><br>
</h4>
<h4><b>a. Accessing internet anonymously - eSIM</b></h4>
<h4>
<ul>
<li>Using <a href="/opsec/whonixqemuvms/index.html">Whonix VM</a> or <a href="/opsec/tailsqemuvm/index.html">Tails VM</a>, via the tor browser and some <a href="/opsec/finances/index.html">Monero</a> (XMR), purchase an eSIM from <a href="https://silent.link">https://silent.link</a> and note down the activation code on a piece of paper.
<br><br>
<p>WARNING: It is important to write the <u>combined activation code</u> down on a piece of paper or print the QR activation code (both given by silent.link after the purchase), and not in any digital or audio format because you do not want to leave any evidence of you ever interacting with the anonymous eSIM providers and arise suspicion.</p>
</li>
<li>Write down the activation instructions below on a piece of paper. Dress up all black and go to a random place insignificant to you, get your phone out
of the faraday bag, and connect to an open wifi network. There activate the eSIM as instructed below.</li>
<div >
<h3><b>How to activate the eSIM</b></h3>
<div> <h3>Step 1</h3> <p>Navigate to your grapheneOS setting and click on "Network and Internet" </p><img src="eSIM/1.png" alt=""> </div>
<div> <h3>Step 2</h3> <p>There you will find that the "priviledged eSIM management is disabled. This is because the google play services and google play service framework is not present by-default in graphene."</p> <img src="eSIM/2.png" alt=""> </div>
<div> <h3>Step 3</h3> <p>Navigate to your app drawer and click on "Apps"</p><img src="eSIM/3.png" alt=""> </div>
<div> <h3>Step 4</h3> <p>Now install "Google Services Framework" and "Google Play Services"</p><img src="eSIM/4.png" alt=""> </div>
<div> <h3>Step 5</h3> <p>Navigate back to "Network and Internet" in the settings. The eSIM managament option should be enabled now.</p><img src="eSIM/5.png" alt=""> </div>
<div> <h3>Step 6</h3> <p>Click on the eSIM management option. Then click "Download a SIM instead."</p><img src="eSIM/6.png" alt=""> </div>
<div> <h3>Step 7</h3> <p>Click "Next."</p><img src="eSIM/7.png" alt=""> </div>
<div> <h3>Step 8</h3> <p>Here, either scan the printed QR code on the piece of paper. Otherwise, navigate to "Need Help?" and select the option to input the code manually. Input the <u>combined activation code</u> from the silent site that you noted down on the piece of paper.</p><img src="eSIM/8.png" alt=""> </div>
<div> <h3>Step 9</h3> <p>You might see different sim name downloading when you activate the sim. Its fine.</p><img src="eSIM/9.png" alt=""> </div>
<div> <h3>Step 10</h3> <p>Navigate to "settings" after you've finished downloading the eSIM.</p><img src="eSIM/10.png" alt=""> </div>
<div> <h3>Step 11</h3> <p>Click on the downloaded eSIM option.</p><img src="eSIM/11.png" alt=""> </div>
<div> <h3>Step 12</h3> <p>Toggle "Use SIM"</p><img src="eSIM/12.png" alt=""> </div>
<div> <h3>Step 13</h3> <p>Make sure to enable use for data if you want to access internet. You now have access to your private and anonymous eSIM. If you encounter any abnormal issue, using tor browser, head to <a href="https://silent.link/faq">silent help</a>.</p><img src="eSIM/13.png" alt=""> </div>
<div> <h3>Step 14</h3> <strong style="color: rgb(255, 100, 100);">DO NOT FORGET TO REMOVE BOTH GOOGLE SERVICES THAT YOU DOWNLOADED EARLIER.</strong><img src="eSIM/14.png" alt=""> </div>
</div>
<br>
<li>Make sure that while you're doing this, you're not under any security surveillence
(cameras, law encorcement buildings, etc).</li>
<br>
<li>Once you validate that the eSIM works, power the device off, and put it in the faraday back again right away.</li>
</ul>
</h4>
<hr>
<h4 style="color: rgb(255, 0, 0);">⚠️ Although eSIM method works well, you need to remember that
the moment you activate it, the systems <u>start tower-triangulation right away</u> and
doing it anywhere close to your
location of interest might be <u>potentially risky</u>. You also need to be careful NOT to
switch it on at your own home by any chance,
or you could hear the <u>bang on your door soon</u>. This is why its best to use open public
wifi.⚠️
<br><br>Leave your primary phone INDOORS and ACTIVATED while you are outdoors.
<br><br>
<b>⚠️ Remember NEVER to carry both - your personal/primary and your secondary phones at the same time. If and only if need to for critical reasons, make sure to ALWAYS keep atleast one of them in a faraday bag at all times and do NOT switch on both of them simultaneously. ⚠️</b>
</h4>
<hr>
<h4><b>b. Accessing internet anonymously - public wifi</b></h4>
<h4>
<ul>
<li>There are multiple advantages to use tools like <a
href="https://openwifimap.net">openwifimap</a> to find public WiFi cafe networks
to connect to.</li>
<br>
<li>If for some reason the app/website does not show free open WiFi around your area,
you might want to go for a walk like a normal person just to grab some coffee and
note down the password without any suspicious movements.</li>
<br>
<li>Make sure to install <a href="https://f-droid.org/">f-droid</a> on your grapheneOS
and install <a href="https://blog.nowhere.moe/opsec/MobileTor/index.html">tor
browser</a> and <a
href="https://support.torproject.org/glossary/orbot/">orbot</a> vpn from it.
Check "Setting up package managers" section of <a
href="/opsec/graphene/index.html">this</a> to be guided through how to install
fdroid securely.
</li>
<br>
<li>Go in your grapheneOS settings and search for 'VPN' , find and select more options
for orbot vpn after opening the orbot app once and giving it permission to start a
VPN.
Select the option to set orbot as an "Always-on VPN" and turn on "Block all
connections not using this VPN".
<br><br>
(or)
<br><br>
Install Mullvad VPN and proceed with the same steps to block all connections not
using Mullvad.
<br><br>
<b>Setting up Orbot</b><br><br>
<p>Turn on "VPN mode" and then proceed to turn on "Use Bridges". Using tor bridges
isn't necessary but using them will ensure that
Law Enforcement agencies can not trace whether or not someone was using tor.
This grants you additional safety.
</p>
<img src="orbot config.png" width="50%">
<br><br>
<b>Step 1</b> <br><br>
<img src="a.png" class="imgRz"><br><br>
<b>Step 2</b> <br><br>
<img src="b.png" class="imgRz"><br><br>
<b>Step 3</b> <br><br>
<img src="c.png" class="imgRz"><br><br>
<b>Step 4</b> <br><br>
<img src="d.png" class="imgRz"><br><br>
<b>Step 5</b> <br><br>
<img src="e.png" class="imgRz"><br><br>
<b>Step 6</b> <br><br>
<img src="f.png" class="imgRz"><br><br>
<br><br>
<h5 style="color: rgba(255, 230, 0, 0.795);">⚠️ Although Mullvad is one of the very
few trustable VPNs out there, we can NEVER trust a single entity so its better
and free to use orbot. ⚠️</h5>
</li>
</ul>
</h4>
<br><br>
<h4>Now whenever you are outdoors onto doing something sensitive, being unidentifiable with the
uniform and your gear, you can take the phone out of the faraday bag, power it on and use
it.</h4>
</div>
<br><br>
<hr>
<hr><br><br>
<div>
<h2><b>Anonymous Communications</b></h2>
<br>
<h4>A trusted, decentralised communication platform for discussing things about the protest is
the most important thing. Despite having all
the proxies and anonymization tools in your hand, if the Law Enforcement already knows about
the people going to protest, they can arrest them prior the protest.
<br><br>
This is why you need a secure, decentralised, end-to-end encryption based messaging
platform.
<br><br>
</h4>
<br><br>
<h3>An extensive guide on how to use and why to use PGP encryption in messengers can be found <a
href="/opsec/pgp/index.html">here</a>.</h3>
<br><br>
<h3><b>Simplex Chat</b></h3>
<img src="2.png" style="width: 75%;">
<br><br>
<h4>For sensitive communications while outdoors, it is suggested to use <a
href="https://simplex.chat/blog/20230103-simplex-chat-v4.4-disappearing-messages.html#disappearing-messages">SimpleX
chat with disappearing</a> turned on.
<br><br>
We will be also showing how to use SimpleX as an all-in-one privacy messenger for all your
activities in one of our future tutorials.
</h4>
</div>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Second Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h1><b>Physical opSec</b></h1>
<p>What you do in day-to-day life is a big part of who you are, your personality, your agenda, etc.
You NEED to be aware of your physical operational security
and take care of it properly.
</p>
<div>
<h2><b>Your body language</b></h2>
<p>sourced from <a
href="https://wikileaks.org/cia-travel/secondary-screening/WikiLeaks_CIA_Assessment_on_Surviving_Secondary_Screening.pdf">cia
assessment training</a> papers from wikileaks.</p>
<br>
<h3>While interacting with people of the protest, you need to take care make sure that you</h3>
<h4>
<ul>
<li><b>Do NOT tell anyone your real name</b>. Create a pseudonym for every
group/contact. SimpleX chat offers this feature within their app to randomly generate one using "Incognito mode" within the app.</li><br>
<li><b>Do NOT vocally talk about protest at home, near devices. SimpleX chat should be the <u>only</u> place you talk about the protest</b>.</li><br>
<li>Do NOT share personal info (address, phone number, birth year, family background)
with <b>ANYONE</b>.</li><br>
</ul>
</h4>
<br>
<h3>When going outside to safely access services like eSIM or tor, as we talked earlier, always
keep in mind to</h3>
<h4>
<ul>
<li>NOT go to a location that holds a significance to you.</li><br>
<li>NOT go to a location that is near Law Enforcement premises or under surveillence
(CCTV).</li><br>
<li><b>Put your uniform in a bag (1) and put the bag (1) in another bag (2). Go to a
subway washroom/restroom and wear the uniform making sure no cameras are
watching you. Make sure to now put the bag (2) in bag (1) and proceed with your
work as shown in the below diagram.</b></li>
<br><br>
<b>Again, keep the secondary phone switched off in a faraday bag at all times. Switch it on or remove it from the faraday bag STRICLY ONLY AFTER YOU HAVE DISGUISED (ONLY after reaching public washroom A). Put the phone back in before removing your disguise (BEFORE leaving public washroom B).</b>
<img src="popsec.png" class="imgRz">
<br>
</ul>
</h4>
</div>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Footer Section +++++ -->
<div id="anonb">
<div class="container">
<div class="row">
<div class="col-lg-4">
<h4>Nihilism</h4>
<p>
Until there is Nothing left.</p></br></br>
<p>Creative Commons Zero: No Rights Reserved</br><img src="\CC0.png">
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>My Links</h4>
<p>
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS
Feed</a><br /><a target="_blank" rel="noopener noreferrer"
href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX
Chat</a><br />
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>About nihilist</h4>
<p style="word-wrap: break-word;"><u>Donate XMR:</u>
8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
</p></br>
<p><u>Contact:</u> nihilist@contact.nowhere.moe (<a
href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
</div><!-- /col-lg-4 -->
</div>
</div>
</div>
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
</body>
</html>